Wednesday, 24 October 2007

Sit down, and shut the fuck up.

I'm Paine. I used to be a moderator at OiNK.cd, until, as you know, we were shut down by the BPI and IFPI.

Now, there are far, FAR too many rumours flying around, and I wanted to set some shit straight.

1. There is no official OiNK IRC right now.

EDIT: Defunct. See newest post.

2. OiNK will _NOT_ be up today, or tomorrow.

We're not magic. None of the moderators have access to the current code and databases right now -- in fact, neither does OiNK himself, as his stuff was confiscated (remember the crap you saw in the plastic bags on the news?). People purporting to be TMT and/or OiNK are, to be frank, lying their fucking asses off.

3.There is currently _NO_ "oink legal fund".

DO NOT, I repeat, DO NOT give ANY money to ANY of these fake funds you are seeing. They are scams. OiNK will not see a penny of this money, and neither will you.

4. OiNK himself is safe and well.

He's fine and out on bail.

5. There is no "official" OiNK forum right now.While there may not be an official forum, a lot of our ex-users are flocking to http://www.ohax.com/phpBB2/ -- Some of the users on there are actually staff. However there are also people maliciously using that site to link to scam sites and other various filth.

Anyway, I hope that's settled a lot of shit. If you're in doubt I'm who I say I am, then don't believe me. I encourage you all to exercise extreme caution when people are floating around throwing names about left right and center saying these things. The "TMT" on Dalnet was not our TMT. In fact, nobody has been in contact with him, and I expect it will remain that way for a very long time.

Edit: A few people have asked me if we logged the IP you snatched things from. The answer is no, we did not log snatch IPs.

Edit 2: This is an important one -- Your passwords do NOT need to be changed, they were stored as salted MD5 hashes. All the authorities have is the hashes. The only way they can get the original passwords is via brute force. The chances of that are slim to none if you followed standard good passwordpractice.

Wishful thinking is all we have right now, we're still trying to get in touch with a few straggling mods who've disappeared. We don't know if it'll be back, although it's fair to say we'd all jump at the chance to do it.

Can oink donators be sued or charged and will users be sued or charged for uploading or downloading? I'm glad I never upped major label releases and am strictly into underground music.Good luck to all staff.

Thanks for the reply. I was thinking more for the UK users since that's where it was based.Can they find out who donated and have access to what was uploaded and downloadedand by whom?Again, good luck to y'all.

anonymous, i admittedly know less about UK law, but i think my claims still stand there. you need to prove that someone actually downloaded something to sue them. as paine said in his post update, oink did not log snatch IPs. as a result, it seems like it would be impossible to prove. (they may be able to associate username with emails with snatches, but that's still extremely difficult to prove that the actual person did it.)

remember, it's not ALL oink material they can sue for, it's only RIAA/IFPI stuff. so being an oink member alone doesn't suffice anyway.

I said it at the "memorial blog" and I will say it again: we need to keep away from all the trouble of the "OiNK" name right now, but we definitely need to take action. We need to make buttons for website that say "I <3 music", and make people show their support.

Atari-Agreed on all accounts. I meant that, if I were paine, I wouldn't post any sort of contact info on this particular blog, as it's linked to very publicly. A private message. An encrypted email, hell, a netsend would be more secure than that. It was just my two cents.

As to those who want to "get back" at someone for taking down a website- stop. There's no point. Boycotting buying music is not going to hurt the industry that badly. Neither is putting up some sort of button. Choose your battles. Now, when all the cameras are on you and the light is the brightest, is not the time to make some sort of "stealth strike". Deal with it. Wait for this to become old (maybe 2 weeks Internet time?), then look around for a resurrection of our favorite site.

Allegedly some ex-OiNKers are being hassled by their ISPs.See: http://torrentfreak.com/oink-admin-released-from-custody-071023/#comment-194577At least two have ALLEGEDLY been contacted.For the sake of other ex-OiNKers I hope this isn't a trend.

Paine, I know you said that almost no logs were taken. But I was just wondering how much of the PayPal information was kept by the servers? Or, was it all handled simply by PayPal (meaning that PayPal has those records)?

Thanks for enlightening us, paine. It came as a hell of a shock to me.. but can you tell me: do they really have anything against OiNK? I mean, I'm sure he's not stupid (of course not.. <3 we love him) and doesn't participate in spreading scene releases, as that would be an obvious risk. So do they have any strong leverage in court? It's just a tracker.. and those "super early pre release holy shit we are soo losing money, so we can't afford to cover our pools with gold" claims can be easily debunked in court.

OiNK wouldn't probably be running trackers anytime soon anyway?

I thought you mods/admins might join up, spread the love and buy a server at PRQ. Plus, PRQ/TPB are strong fighters against IFPI and bitches likewise (see: ifpi.com). You can verify old users. Yes, wishful thinking.. but that's my dream for now.

So would they have access to any paypal account of those who donated in the past? You say no logs were kept on users, which of course is good news for users. Also, they would need to essentially guess a users password to see their account?

I would've thought it would depend on how much uploaded was on the BPI/RIAA radar. The people who leaked the scene releases I am sure will be who they're after to stop them doing it elsewhere.I know a lot of people who have quit torrenting because of this.

People claiming to have cease and desist letters in their browsers are probably just trying to cause hysteria. Their ISPs wouldn't just do it for one page view, and they would have no way to post comments about not being able to get online ;)

They wouldn't need to guess a user's password, I was merely pointing out that users passwords are safe.

Thanks Paine. Definitely appreciate the official word. Not usually given to prayer (being an atheist and all) but if there is a god, hopefully he'll see fit to return OiNk to something approaching it's former glory.

"According to the article, a source has stated that the OiNK membership list was not only encrypted, but also equipped with a ’self-destruct’ type mechanism which relied on a regular signal to continue in ‘OFF’ mode."

Taken from: http://torrentfreak.com/oink-down-norwegian-bittorrent-trackers-next-071024/

after a 2 year investigation they still believe that a) people were subscribing to the service and b) you had to prove you could upload your own stuff before being gained entry. obviously they didn't do a good job which is why this whole thing is bs.

for a journalist who didn't just copy the press release, read this. at least someone is on our side.

and i know you've heard it a lot paine, but thanks for keeping us updated.

So you say that you didn't log IP's? Out of curiosity, does this mean that you weren't actively logging IP's on your forum and/or other installed software? Or do you mean to say that you disabled system logs, network logs, router logs, etc...?

There's a hell of a lot of logging going on in the average server box...

Is it your assertion that you had several hundred thousand users transferring gigs of data across unencrypted, public networks, but magically left no identifiable trace of those users not only in your logs, but any logs?

"What information, if any, do they have on the users right now that could be used potentially in future civil lawsuits if they decide to go that route?"

Jesus how presumptuous to keep asking this. What makes you think Paine knows? Further, what makes you think it's his responsibility to tell you anyway? It's not his job to ease your worries or calm your fears. And do you really expect that? Have you been in an OiNK forum? Are the mods known for their loving, warm, gentle touch?

You knew what you were getting into when you downloaded your first torrent. You scared? I don't blame you. I am too, but the fact is that Paine more than likely doesn't know. He's not the one who's house was raided. He's not the one out on bail. I'm sure OiNK himself can't divulge all the details of what went on, so even though Paine has an inside lane to the info, it doesn't mean it's the info that's gonna make you sleep better tonight.

"users last IP was recorded in the users table. And the userid is in the snatched table. So with a simple sql join you have snatch list with IPs."

Interesting. What I remember from OInk though was that only recent snatches would show in the profile. Am I remembering wrong?

Also, it would be presumptive and not solid to make the case that a snatch occurred at that ip. all that shows is that the user logged on at that ip. you'd have to presume the snatch occurred there -- it could've happened anywhere.

Just sent this email to a client. I've no idea whether they've even heard of Oink but... anyway...I'm going to send something similar to all my clients. From now on, if they want, they'll get a free song of my choice. Swamp the world:

Thing attached here.

Stop being so apologetic about making changes. You're being way too empathetic for your new role.

Would it be be practical if I sent you a song with every email? I think that's something I should be doing with everyone right now. Just because.